Nairobi News

HustleNews

How hackers raided Uganda central bank

March 17th, 2016 2 min read

Ugandan government officials and hackers have since last July attempted four times to siphon USh81 billion (Sh2.45 billion) through the Uganda central bank.

However some monies of the money that had successfully been wired to Hong Kong and UAE was retrieved through inter-bank procedures, the latest being $8 million (Sh800 million) transferred on February 26, 2016.

The accounts targeted were those of the largest budget holders, among them the Defence, Energy and Agriculture ministries as well as the Uganda National Roads Authority (UNRA).

“The matter is the subject of an active investigation, so until that process ends we are not in a position to offer the details you are requesting for,” said Bank of Uganda communications director Christine Alupo.

“Yes, indeed all the funds were recovered from the United Arab Emirates and Hong Kong and are back in the custody of the Bank of Uganda.”

FIRST ATTEMPT

The first attempt aimed at the biggest amount happened in July 2015 and $12 million (Sh1.2 billion) was targeted. The plot was foiled, and the masterminds went below the radar, re-emerging in December 2015 to try to steal $2 million (Sh200 million).

A month later, in January 2016, they made another attempt to fork out Sh800 million but were detected in time before returning to compromise the system last month.

Although the Ministry of Finance first notified Uganda Police of the breaches 10 months ago, its detectives did not act immediately, prompting the military, whose budget was targeted, to swing into action and arrest three suspects who are in police custody.

Police spokesperson Fred Enanga declined to comment when asked why the UPDF had taken over the sensitive inquiries amid allegations that police was compromised.

Ministry of Finance spokesman Jim Mugunga said: “This is an ongoing investigation and our expectation is that the security agencies involved are doing their work.”

He was non-committal on the reported past attempts, saying he believes investigators will unearth all breaches.

SHARED PASSWORDS

Government officials are believed to have shared passwords with foreign-based tech-savvy individuals, profiled the accounts with huge credits to stage the theft.

All the Integrated Financial Management System transactions originated from the Ministry of Finance and processed through Bank of Uganda and the money was to be wired to fictitious companies in either Hong Kong or the United Arab Emirates.

It is unclear how non-existent entities indicated in the documents held accounts, raising suspicion of possible collusion between host banks and the masterminds.

The fraud comes three years after the government instituted new financial integrity measures to seal loopholes, following the 2012 scandal in which technocrats in the Office of the Prime Minister stole in excess of USh60 billion (Sh1.8 billion) that development partners had pooled to rebuild war-scarred northern Uganda.

SOURCE: Business Daily